Executive advisory
Working with leaders, executive teams, and complex organizations on decisions where cybersecurity, resilience, control, identity, and regulation have real impact on governance, operations, and value.
Explore advisory →Cybersecurity · Resilience · AI · Decision Systems
Senior cybersecurity executive for organizations navigating complexity in cyber risk, resilience, and AI.
I work with large organizations, boards, and selective partners when cybersecurity, risk, regulation, and decision architecture require real operating experience, executive judgment, and execution capability.
Executive advisory, pilots, applied education, and strategic work in regulated and high-trust environments.
Enterprise. Institutional. Executive. Selective.
Banco Santander · EY · Prosegur · SmartKEA · UNIR · ESCP · CCN-CERT · GINSEG / IntelCon
Banco SantanderEYProsegurTIREAMotorroSmartKEAGINSEGIntelConESCPUNIRUNIEU. EuropeaCEU San PabloAESyCCCN-CERTINCIBEEducaMadridF. GoodJob
Current priorities
Current priorities
My work today concentrates on three fronts: executive advisory, pilots and applied simulation, and developing initiatives with structural potential in high-trust systems.
Pilots & executive readiness
Designing and facilitating concrete, useful entry formats: crisis simulations, executive workshops, readiness diagnostics, and clarity sprints for regulated or high-demand contexts.
View working formats →Capital & selective partnerships
Working selectively with family offices, venture partners, strategic investors, and large organizations when an executive lens is needed to evaluate, shape, or activate opportunities in high-trust systems.
Capital & Partnerships →Proof before assertion
Credibility here does not rest on a single category. It is built on enterprise experience, institutional speaking, teaching, and sustained building.
Institutional collaborator
Creator of ELENA crisis simulator. Invited speaker at Spain's national CERT — Jornadas STIC (2023, 2024).
University faculty
Faculty in professional cybersecurity, data protection, and cybercrime programmes.
Regulated financial services
Senior cybersecurity and risk roles across banking (Santander), consulting (EY), and global security operations (Prosegur).
Active builder
Cybersecurity and resilience platform. BrandGuard phishing intelligence. Registered as SmartKEA CyberInnovation SL.
Conference co-founder
Co-founded IntelCon (cyber intelligence conference) and GINSEG (professional intelligence community).
What I do today
Not generic theory. Work on concrete decisions, capabilities, and strategic moves.
Executive cyber & risk advisory
Supporting decisions on cyber governance, resilience, posture visibility, critical capabilities, identity, risk, and executive coordination.
Identity, systems & decision support
Connecting identity, information systems, control, automation, and AI with executive clarity and operational utility.
Crisis simulation & executive readiness
Working with leadership and key teams to turn ransomware and disruption scenarios into useful preparation, shared language, and better response capability.
Strategic initiatives & venture shaping
Providing judgment to shape initiatives, pilots, and opportunities where technology, regulatory pressure, buyer reality, and value design must align before scaling.
Why this perspective is useful
The differentiation is not talking about cybersecurity. It is having operated inside it, built outside it, and understanding how risk, adoption, regulation, architecture, executive decision-making, and value creation connect.
Enterprise cybersecurity operations
Senior roles in financial services cybersecurity (IAM, 2LoD cyber risk, posture visibility) and consulting (cyber intelligence advisory for regulated institutions). Experience where coordination, control, and visibility genuinely matter.
Cyber intelligence and decision systems
Threat intelligence operations, OSINT methodology, and decision-support systems. Co-founder of GINSEG and IntelCon — professional intelligence community and conference. Connecting signals, context, and operational pressure to better judgment.
Applied education and institutional voice
University faculty at UNIR (cybersecurity, data protection, cybercrime). Programme coordination at ESCP Business School. Institutional collaborator at CCN-CERT (ELENA crisis simulator creator). Sustained work in applied education formats and institutional spaces.
Applied venture building
Founder of SmartKEA CyberInnovation SL. Building cybersecurity, resilience, and intelligence platforms from operational experience in regulated environments. From advisory and pilots toward modular, repeatable capabilities with recurring value.
What is being built
Through SmartKEA and selective strategic work, I am developing a more structured layer of capabilities oriented toward regulated organizations and high-trust environments. The direction is clear: from advisory and pilots with immediate utility toward more modular, repeatable capabilities with recurring value.
Capital & PartnershipsThe goal is not to add noise to the market. It is to build useful capabilities where regulation, risk, decision, and operations meet.
Proof before assertion
Credibility here does not rest on a single category. Built on enterprise experience, institutional speaking, teaching, and sustained building.
Enterprise and high-demand environments
Experience in banking, consulting, and cyber operations in contexts where coordination, control, and visibility genuinely matter.
Institutional speaking
Participation in public and executive spaces where cybersecurity, resilience, simulation, intelligence, and applied training are addressed with practical focus.
Teaching and executive programmes
Sustained work in collaboration with academic institutions and applied education formats.
Builder history
Track record building initiatives and communities at the intersection of cybersecurity, intelligence, education, and systems.
Who typically finds this relevant
Large organizations and regulated environments
When technical and regulatory complexity needs to be turned into executive decisions, useful capabilities, and better governance.
Boards, C-suite, and control functions
When cybersecurity, resilience, identity, crisis, or AI stop being operational topics and become coordination, risk, and decision topics.
Family offices and strategic investors
When executive judgment is needed to understand high-trust systems, real risk, readiness, buyer logic, and collaboration or diligence possibilities.
Venture partners and design partners
When an opportunity needs contrast with enterprise reality, regulatory pressure, adoption capability, and partnership design.
How conversations usually start
Most useful conversations start through one of three paths:
Executive advisory
For organizations that need judgment, clarity, and senior support on a critical decision, programme, or capability.
Pilot or strategic sprint
To validate a hypothesis, design a collaboration, prepare a simulation, or land a high-value initiative.
Capital & partnerships
For selective conversations with family offices, strategic investors, venture partners, and large organizations where executive judgment adds value.
Selected talks and references
Explore the full record of talks, videos, media appearances, and institutional references.
Perspectives from operating experience
Not generic theory. Observations from enterprise, advisory, education, and institutional work where cybersecurity, risk, and decision quality intersect.
How to evaluate a cybersecurity opportunity with enterprise judgment
Most cybersecurity ventures fail not because the technology is wrong, but because the thesis ignores enterprise friction, buyer readiness, and regulatory timing. What makes an opportunity worth serious attention and what should make you walk away.
Why cyber posture visibility changes executive decision-making
Boards do not need more dashboards. They need a view of cyber risk they can act on. Posture visibility replaces guesswork with governance-grade judgment. Why this capability is becoming non-optional under DORA and NIS2.
What a family office does not see and what the founder does not say
In high-trust systems, the gap between what is presented and what is real determines whether a conversation becomes a partnership or a polite exit. Where executive judgment, technical due diligence, and regulatory awareness create clarity.
Ways to work together
If the conversation requires executive judgment, regulated context, and clear-eyed thinking, start there.
Share context, organization type, and conversation objective. Advisory, speaking, pilot, diligence, or partnership: a precise interaction is better than a generic one.